Come, All Ye Computer Geeks, And Listen To My Email Virus Tale of Woe

This morning, I awoke to find an email in my inbox from my buddy Big Show’s brother-in-law.   This guy sends me emails precisely never, aside from when we’re planning Vegas trip details, so I immediately thought it was a virus.   The subject line was

“Fwd:  Kid Dynamite Hey!”

and the body of the email was:

check this out httpx://msnbc.msn.com-articles3.us/jobs/

I edited the web address by inserting an “x” at the end of http so that you guys don’t click on it.

I use Yahoo Email, in Firefox, and run Windows 7.

So I forwarded the email to Big Show, letting him know that his brother-in-law must have a virus, and I went on with my business without clicking on the link. Big Show replied a bit later, telling me that it was just an article about the best/worst jobs, and that although he doubted that his brother-in-law sent it, it seemed safe.

Like a moron, I then clicked on the link.   It did seem safe – a link to a seemingly legit MSNBC article about the best and worst jobs – blah blah blah.    I quickly started getting email bouncebacks in my Yahoo inbox, and knew that my initial instinct had been right:  my account had taken on a mind of its own and was trying to send emails to people in my address book, and some bad addresses were bouncing back.

I could go into my “sent” folder and see that my Yahoo email account was sending each of my contacts one of two different emails:  half got the subject line: “FW: Jeff Hey”  and half got the subject line “re: Jeff Hey.”   The email body contained the same line as the email I had received – verbatim – with the same link.   Each email was only sent to one person.

Of course, with Yahoo Email, you can’t send everyone in your address book a mass email telling them that you spammed them with a virus – because when you try to do that, Yahoo thinks that you’re a virus!  Aiyahhhh…

Now, my *guess* – and no, I am not a tech geek, that’s why I’m writing this post: so that the tech geeks in my audience can give their informed opinions – was that this is a funky virus unique to Yahoo Email. In other words, no – I don’t think I got “hacked” in the sense that someone compromised my password: it was pretty clear that the bad stuff started as soon as I clicked on the link in the email. I did change my email password, and I ran a full Norton Antivirus scan, and then a full MalwareBytes scan. Norton AV found a bunch of tracking cookies, which it always finds, and MalwareBytes found nothing.

Additional info: a friend forwarded me this link for VirusTotal, which seemed to indicate that the site in the link itself wasn’t harmful? Is it possible that there’s something funky that triggers the virus when the link is clicked on, but not when the link is copied & pasted?

Anyway: what now? Is it possible this was a Yahoo Email-centric bug that Yahoo nipped in the bud? I am currently able to send and receive emails via my “damaged” account, and I’ve been scanning my “Sent” folder for signs of more emails being sent without my knowledge, but haven’t found any since the initial outburst… Yahoo clearly has problems with stuff like this all the time, as they have whole “help” sections about similar problems, which of course are entirely un-helpful.

Although I’m probably smarter than your father* when it comes to computer-related stuff, I’d kinda like it if anyone has the kind of solution that you’d give your father: in other words, I’m not really looking for “clean out the registry bit-keys, and then encrypt your firewall with WEP encoding.” That won’t really help me… Give it to me like I’m an idiot. Someone told me to download the free “MalwareBytes,” which I did. And I’m already running what I thought was a pretty decent AV package in Norton.

thanks in advance…

disclosure: no positions in any publicly traded antivirus companies.   no positions in $YHOO

-KD

*When I say “your father,” I mean the stereotypical image of an old man with bifocals sitting at a computer shouting “HOW DO YOU TURN THIS THING ON?” Which is ironic, of course, since my father is so paranoid about viruses that when I send him links he sometimes calls me up to make sure that I really sent them before he clicks on them! Mrs. Dynamite correctly chided me, “I can’t believe you clicked on the link – that’s something your parents would do,” and was especially peeved (rightly so) that I was on her desktop at the time…
